Practically Networked Home Earthweb HardwareCentral earthwebdeveloper CrossNodes Datamation
Welcome to PractiallyNetworked
Product Reviews

 • Routers
 • Hubs/Switches
 • Wireless Gateway
 • Wireless AP
 • Wireless NIC
 • Network Storage
 • Print Servers
 • Bluetooth Adapters
& Tutorials

 • Networking
 • Internet Sharing
 • Security
 • Backgrounders
 • Troubleshooting

 • PracNet How To's
User Opinions
Practicallynetworked Glossary

 Find a Network Term  

  Most Popular Tutorials

• Microsoft Vista Home Networking Setup and Options
The most daunting part of upgrading to Windows Vista may be trying to figure out where in the layers of menus the networking and file-sharing options are hidden.

• Do It Yourself: Roll Your Own Network Cables
It may not be something you do everyday, but having the supplies and know-how to whip up a network cable on the spot can be very handy.

• Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router and by extension, your network is as secure as possible.

  Most Popular Reviews

• Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.

• Iomega StorCenter Network Hard Drive
Iomega's fourth generation StorCenter Network Hard Drive brings many of the features found in higher-end storage devices down to an attractive price.

• MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.

Troubleshooting Q&A - January 19, 2006

Wi-Fi Authentication and Encryption Demystified

A curious reader — eager to understand how wireless encryption and security works — runs two scenarios by our columnist. Read on to find out if logical assumptions pan out in the world of Wi-Fi.

By Ron Pacchiano

Q.   I've been using a wireless network for a few months. I don't know much about Wi-Fi (define) encryption and security, but I would like to get a better understanding so I can respond appropriately in certain situations. I have come up with couple of scenarios (based on what I know) to illustrate how I think the wireless devices would behave. If I'm incorrect in my assumptions, I was hoping that you could tell me why and explain what would actually happen. Here are my scenarios:

Senario 1:
I configured my access point (AP) (define) to use open authentication and a 64-bit WEP (define) key. My client PC has also been configured to use open authentication, but I did not configured it with the WEP key. I intentionally left it blank. In such a situation, would the client PC still be able to establish a successful connection with the AP, even though it doesn't have the WEP key? Logically, I think that it would. Since the authentication is "open," I would think that the WEP key shouldn't matter. Or is the opposite true? That is, because the WEP key doesn't match that of the AP, would the client PC be prohibited from establishing a connection?

I've experimented with this a bit on my own and observed that the client PC will, in fact, connect to the AP, despite the fact that it doesn't have the proper WEP key. However, it doesn't seem to be able to send or receive any packets once it has been authenticated. I'll assume this is because of the incorrect WEP key, but if that is the problem, then why can it connect to the network at all?

Senario 2:
I have an access point and a PC. Each has been properly configured with the same WEP key and are communicating fine. If I were to go into the AP configuration and remove encryption while they were connected, would the client PC still maintain its connection to the AP or would it lose conductivity to the AP due to the encryption change? I would assume that since encryption is no longer being used, the client PC would momentarily lose the connection to the AP, rescan for the wireless network, find the network, reconnect and continue transmitting. Since the encryption is gone, it should have no trouble reconnecting.

So what do you think? Are my assumptions correct in these scenarios? I've been researching this online, but can't seem to find the answers anywhere. Thanks!

A.   I'm sorry to have to tell you this, but you would be wrong in both situations. Let's take a look at the first scenario. Authentication is simply a way for the device to verify the identity of another device that's attempting to connect to it. So whether you're using open or shared authentication, the purpose is the same — to authenticate a wireless client to the network-controlling device (in this case an access point). However, each of these techniques goes about this in a different way.

The difference between an open system and shared system authentication is that the shared system passes along additional information that could be used by a hacker to crack the WEP key. This is how it works: With a shared-key authentication process the AP sends challenge text to the client in clear text, and then the client encrypts it and sends it back to the AP. If someone were sniffing or monitoring your transmission while this was happening, they would be able to intercept a sample of plain text with its corresponding encrypted text. This gives the hacker a tremendous head start when attempting to break your encryption key because all of the information needed to perform the decryption is contained in these two pieces of data.

Conversely, the open network authentication system doesn't pass on any information to the client in plain text, just the corresponding encrypted text. By removing that information, the process of breaking your encryption key is far more difficult. Since WEP can be used with both authentication methods, an open system is the preferred encryption method to employ. Because it doesn't pass on any additional data about the key, it's considered to be more secure.

The reason you can't send or receive packets after it connects is because the client PC was never actually authenticated to the access point to begin with. It associated to it. The reason for your confusion is simple. Even though you have nonsimilar WEP keys, the two devices will still associate as that is the first step in establishing a connection. During the association no information other than challenge/request handshake passes between the devices. The challenge handshake is the beginning of the authentication process, and the only way the two devices will authenticate is if they both have the same encryption key. Because the client PC didn't have the corresponding WEP key, it was able to associate to the AP, but not authenticate against it.

This applies to your second scenario as well. Even though the AP no longer has encryption enabled and is, as you said, open, the client PC is still looking for encrypted traffic. So removing the WEP key from the AP will cause the information passing from one device to the other to no longer have the same credentials, causing communication to cease.

Truth be told, though, you really didn't need me to tell you this. Over the years, I've discovered that nothing is a better teaching tool than experience. You have all the hardware you need to test these scenarios on your own, so give it a try. Don't worry about anything. There is little chance of you permanently damaging anything. Experiment a little bit. You should have no problem confirming everything we discussed here. Have fun!

Use our feedback form to submit your questions on home or SOHO networking issues. Please be as specific as possible. We cannot guarantee to answer every question we get, but we’ll consider them all. Earthweb HardwareCentral earthwebdeveloper CrossNodes Datamation

Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums